Certification Requirements

Federal agencies may use certification requirements to help ensure quality in the goods and services they buy. For example, before buying computer or electrical equipment, an agency may require that prospective sellers obtain a certification from Underwriters Laboratories or another organization that the product is safe. Similarly, an agency may also require that certain professionals meet specific educational standards or be approved as competent by a specific group before providing a service. This report describes (1) the extent and the variety of certification activities in the federal government; (2) the extent to which there are policies, procedures, or guidance governing those activities, either governmentwide or within selected agencies; and (3) an agency's certification procedures that could serve as an example or "best practice" for other agencies. GAO summarized this report in testimony before Congress; see: Certification Requirements: Guidance Governing Agency Actions Is Limited, by L. Nye Stevens, Director of Federal Management and Workforce Issues, before the Subcommittee on Benefits, House Committee on Veterans' Affairs. GAO/T-GGD-99-166, Sept. 9 (seven pages).

GAO noted that: (1) federal agencies engage in a large number and wide variety of certification-related activities; (2) the National Institute of Standards and Technology (NIST) publishes directories listing more than 200 federal government procurement and regulatory programs in which agencies provide or require certification, accreditation, listing, or registration; (3) these directories provide only a partial inventory of agencies' activities because they focus primarily on certifications of products and services and they do not cover individual procurement actions in which agencies require particular certifications; (4) certification activities also vary across multiple dimensions, including the origin of the requirements, their targets, which entities do the certifying, whether the certifications are mandatory or voluntary, and the extent to which there is reciprocity with or recognition of other certifications or requirements; (5) specific guidance regarding the selection of specific requirements or certifying organizations is limited; (6) federal procurement law imposes some limits on agencies' use of certification requirements, restricting the use of certification requirements to instances in which the requirements are specifically imposed by law or the agencies show a particular need and, if possible, allow for alternatives; (7) some agencies have established certification procedures and criteria for individual programs, and agency officials identified some related policies, procedures and guidance that can affect their certification activities; (8) there is no governmentwide guidance, or agencywide guidance in the five agencies that GAO reviewed, regarding all types of certification requirements; (9) NIST has prepared draft guidance on conformity assessment activities, including certification, which it plans to issue for public comment; (10) one best practice that GAO has supported in the regulatory arena, transparency of decisionmaking, also appears applicable to certification requirements, particularly given the complexity and diversity of certification activities and organizations; (11) in the certification actions that GAO examined, the criteria that the agencies used to establish a particular requirement or select a particular certifying organization were very clear in some instances but not clear in others; (12) other agencies' certification actions were not as transparent and certification bodies that were not selected raised questions about the criteria that agencies used; and (13) in each of those cases, agency officials were able to provide the rationale for their actions.

Recommendations

Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.

Director: Team: Phone: